Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/hvBvJyG5-CfH83M2DhYFOWkU2Cg.roa
File: hvBvJyG5-CfH83M2DhYFOWkU2Cg.roa (raw, json)
Hash identifier: wDKtmo40dwgRFBSRXHY0QDbdfttnASkBSxoZO1r3tGg=
Subject key identifier: 86:F0:6F:27:21:B9:F8:27:C7:F3:73:36:0E:16:05:39:69:14:D8:28
Certificate issuer: /CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Certificate serial: 01967D11F29AEA576E2D30F2886560C0A6CB
Authority key identifier: 63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/hvBvJyG5-CfH83M2DhYFOWkU2Cg.roa
Signing time: Mon 28 Apr 2025 15:44:10 +0000
ROA not before: Mon 28 Apr 2025 15:44:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204490
IP address blocks: 2a11:fec0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.mft
rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 13:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7d:11:f2:9a:ea:57:6e:2d:30:f2:88:65:60:c0:a6:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Validity
Not Before: Apr 28 15:44:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=86f06f2721b9f827c7f373360e1605396914d828
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:5a:a3:f9:c4:19:67:25:37:62:b5:70:15:67:
53:68:40:19:bb:af:62:b8:80:dc:a2:5e:a3:14:b1:
91:47:4d:18:ee:0b:5d:dc:de:7d:bd:ec:65:de:53:
39:70:ef:bc:09:27:7f:76:f8:58:5f:e0:fb:d6:0d:
84:c5:5a:b2:48:85:ee:cf:31:ad:28:e8:cd:cb:82:
47:38:d9:36:c3:86:58:6f:a1:4c:2d:75:f2:93:73:
fd:16:bd:8f:9d:d9:c1:85:6a:27:43:15:79:f7:50:
d5:bc:38:4d:82:69:50:7d:88:7c:4a:81:f0:1a:1a:
70:a2:e6:d8:62:21:71:05:e4:56:b1:b2:80:aa:bf:
1d:6a:61:12:12:ab:24:93:6e:8d:0b:a9:c3:a4:64:
66:69:ee:c2:1a:59:fa:87:8e:97:2d:01:e6:92:03:
f0:fb:06:54:a4:95:79:15:d4:2a:97:f5:c4:f6:a4:
fb:37:4d:14:25:db:6d:f4:5c:49:83:15:eb:64:e8:
71:09:ad:c3:59:c1:cd:80:b3:3a:e9:a2:32:2b:16:
a3:95:5b:8f:3b:ca:dc:01:6a:9b:79:12:89:d5:b5:
b1:39:8c:54:46:f7:3a:85:ae:11:3f:d6:12:33:23:
d8:86:17:3a:10:17:44:ba:93:77:14:2b:dd:5a:5c:
18:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:F0:6F:27:21:B9:F8:27:C7:F3:73:36:0E:16:05:39:69:14:D8:28
X509v3 Authority Key Identifier:
keyid:63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/hvBvJyG5-CfH83M2DhYFOWkU2Cg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:fec0::/32
Signature Algorithm: sha256WithRSAEncryption
d0:80:6a:54:2e:b9:93:ec:62:8c:0f:62:35:41:de:f8:fd:20:
80:7a:a2:11:4a:16:16:44:6e:ca:a2:1a:d3:eb:2c:e4:7b:33:
2a:fb:c4:fc:08:61:0c:9f:a7:ae:b5:18:7e:31:a5:cc:27:15:
10:01:09:9d:5a:fd:16:8b:c9:d3:93:59:f4:54:54:53:55:d9:
ba:a8:52:7b:c5:9b:ad:39:16:51:9d:53:55:ed:6c:84:1c:fd:
5a:81:32:80:8a:5e:02:b8:3a:ac:17:dc:08:b1:f8:62:62:30:
4d:3a:56:84:eb:c0:e3:1c:9e:a9:ae:c9:4e:ed:af:a3:29:8c:
52:15:4c:f1:af:b5:09:fe:35:0f:b8:59:1e:4f:a9:15:8f:c0:
c8:e6:de:07:93:e6:cb:a2:13:64:09:44:a1:62:d5:32:49:30:
c8:83:fb:11:af:b0:3b:f6:89:f0:a3:02:fb:08:55:37:44:c7:
5e:1a:42:3c:0c:6c:ec:5a:5a:2c:7e:7d:66:0a:ea:10:d8:ad:
36:9a:3b:56:ad:e1:aa:55:35:41:dd:9a:54:02:83:b9:a0:ce:
3e:c0:4f:3c:91:a3:1a:25:48:91:7f:3f:1f:bf:8d:55:37:93:
07:08:22:30:5e:00:bc:ff:84:ee:04:ee:ed:ef:58:81:1e:b5:
5a:ff:8c:db
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZZ9EfKa6lduLTDyiGVgwKbLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMmNkODdmZWFiZTQwNzUyMmUwNjU1M2YyZWIwNWEwYzE2
MDJmYmYwHhcNMjUwNDI4MTU0NDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmYwNmYyNzIxYjlmODI3YzdmMzczMzYwZTE2MDUzOTY5MTRkODI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy1qj+cQZZyU3YrVwFWdTaEAZu69i
uIDcol6jFLGRR00Y7gtd3N59vexl3lM5cO+8CSd/dvhYX+D71g2ExVqySIXuzzGt
KOjNy4JHONk2w4ZYb6FMLXXyk3P9Fr2PndnBhWonQxV591DVvDhNgmlQfYh8SoHw
GhpwoubYYiFxBeRWsbKAqr8damESEqskk26NC6nDpGRmae7CGln6h46XLQHmkgPw
+wZUpJV5FdQql/XE9qT7N00UJdtt9FxJgxXrZOhxCa3DWcHNgLM66aIyKxajlVuP
O8rcAWqbeRKJ1bWxOYxURvc6ha4RP9YSMyPYhhc6EBdEupN3FCvdWlwYTQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIbwbychufgnx/NzNg4WBTlpFNgoMB8GA1UdIwQY
MBaAFGMs2H/qvkB1IuBlU/LrBaDBYC+/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYt
NTUxMDQxNzNiMTgwLzEvaHZCdkp5RzUtQ2ZIODNNMkRoWUZPV2tVMkNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYtNTUxMDQxNzNiMTgw
LzEvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhH+wDAN
BgkqhkiG9w0BAQsFAAOCAQEA0IBqVC65k+xijA9iNUHe+P0ggHqiEUoWFkRuyqIa
0+ss5HszKvvE/AhhDJ+nrrUYfjGlzCcVEAEJnVr9FovJ05NZ9FRUU1XZuqhSe8Wb
rTkWUZ1TVe1shBz9WoEygIpeArg6rBfcCLH4YmIwTTpWhOvA4xyeqa7JTu2voymM
UhVM8a+1Cf41D7hZHk+pFY/AyObeB5Pmy6ITZAlEoWLVMkkwyIP7Ea+wO/aJ8KMC
+whVN0THXhpCPAxs7FpaLH59ZgrqENitNpo7Vq3hqlU1Qd2aVAKDuaDOPsBPPJGj
GiVIkX8/H7+NVTeTBwgiMF4AvP+E7gTu7e9YgR61Wv+M2w==
-----END CERTIFICATE-----
Generated at Sat May 10 20:28:31 2025 by rpki-client